HTTP Headers Analysis for https://smtp.forwardemail.net

Open Cached · just now

24 Headers

Detected Technologies from Headers

See all in URL Inspect 7

PayPal

Shields.io

YouTube

Cloudflare Turnstile

ForwardEmail

GitHub Active incidents

noembed

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31557600; includeSubDomains; preload

Content-Security-Policy

Good

default-src; connect-src; font-src; +9 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

Vary

Performance

Accept-Encoding, Origin, X-Requested-With

connection: close
vary: Accept-Encoding, Origin, X-Requested-With

Caching Headers

Etag

Caching

"58972-pS18kf43K7SLNsVsn6wQcyJGBG4"

etag: "58972-pS18kf43K7SLNsVsn6wQcyJGBG4"

Content Headers

Content-Language

Content

Content-Length

Content

362866

Content-Type

Content

text/html; charset=utf-8

content-language: en
content-length: 362866
content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

set-cookie: locale=en; path=/; expires=Sat, 30 May 2026 14:12:08 GMT; samesite=lax; secure; httponly
locale.sig=7KSTPLTadnyU856kb97usovZo5M; path=/; expires=Sat, 30 May 2026 14:12:08 GMT; samesite=lax; secure; httponly
lad.sid=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
lad.sid.sig=LaF4jtOsRqTXqC0Q8uCi7XWrMXE; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly

Other Headers

Date

Other

Thu, 30 Apr 2026 14:12:08 GMT

Link

Other

URL

https://forwardemail.net/en

rel=canonical

X-Content-Security-Policy

Other

default-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; connect-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.paypal.com https://noembed.com; font-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; img-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://badge.hardenize.com https://tracking.qa.paypal.com https://www.paypalobjects.com https://github.com https://*.github.com https://githubusercontent.com https://*.githubusercontent.com https://shields.io https://*.shields.io https://ytimg.com https://*.ytimg.com; style-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://www.paypal.com https://challenges.cloudflare.com; script-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://challenges.cloudflare.com https://www.paypal.com; object-src 'none'; frame-ancestors 'self'; frame-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.youtube.com https://*.youtube-nocookie.com https://challenges.cloudflare.com https://www.paypal.com; report-uri https://forwardemail.net/report; base-uri 'self'; form-action 'self' https://login.ubuntu.com https://dash.cloudflare.com https://dcc.godaddy.com https://api.domainconnect.ionos.com https://dns.glauca.digital https://domains.squarespace.com

X-Dns-Prefetch-Control

Other

off

X-Download-Options

Other

noopen

X-Ratelimit-Limit

Other

1000

X-Ratelimit-Remaining

Other

999

X-Ratelimit-Reset

Other

1777558388

X-Request-Id

Other

0d41c924-031c-4066-b039-e4c388c8daaa

X-Response-Time

Other

30.238ms

X-Webkit-Csp

Other

date: Thu, 30 Apr 2026 14:12:08 GMT
link: <https://forwardemail.net/en>; rel="canonical"
x-content-security-policy: default-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; connect-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.paypal.com https://noembed.com; font-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; img-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://badge.hardenize.com https://tracking.qa.paypal.com https://www.paypalobjects.com https://github.com https://*.github.com https://githubusercontent.com https://*.githubusercontent.com https://shields.io https://*.shields.io https://ytimg.com https://*.ytimg.com; style-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://www.paypal.com https://challenges.cloudflare.com; script-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://challenges.cloudflare.com https://www.paypal.com; object-src 'none'; frame-ancestors 'self'; frame-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.youtube.com https://*.youtube-nocookie.com https://challenges.cloudflare.com https://www.paypal.com; report-uri https://forwardemail.net/report; base-uri 'self'; form-action 'self' https://login.ubuntu.com https://dash.cloudflare.com https://dcc.godaddy.com https://api.domainconnect.ionos.com https://dns.glauca.digital https://domains.squarespace.com
x-dns-prefetch-control: off
x-download-options: noopen
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1777558388
x-request-id: 0d41c924-031c-4066-b039-e4c388c8daaa
x-response-time: 30.238ms
x-webkit-csp: default-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; connect-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.paypal.com https://noembed.com; font-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce'; img-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://badge.hardenize.com https://tracking.qa.paypal.com https://www.paypalobjects.com https://github.com https://*.github.com https://githubusercontent.com https://*.githubusercontent.com https://shields.io https://*.shields.io https://ytimg.com https://*.ytimg.com; style-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://www.paypal.com https://challenges.cloudflare.com; script-src 'self' https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' 'unsafe-inline' https://challenges.cloudflare.com https://www.paypal.com; object-src 'none'; frame-ancestors 'self'; frame-src 'self' data: https://*.forwardemail.net:* https://forwardemail.net https://forwardemail.net:* 'nonce-0a2e3f138743a4d7ebfb3c18d01531ce' https://www.youtube.com https://*.youtube-nocookie.com https://challenges.cloudflare.com https://www.paypal.com; report-uri https://forwardemail.net/report; base-uri 'self'; form-action 'self' https://login.ubuntu.com https://dash.cloudflare.com https://dcc.godaddy.com https://api.domainconnect.ionos.com https://dns.glauca.digital https://domains.squarespace.com

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching